5 matches found
CVE-2026-42498
Exposure of HTTP Authentication Header to unexpected hosts during WebSocket authentication vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.2 through 9.0.117, from 8.5.24 through 8.5.100, from 7.0.83 through...
DEBIAN-CVE-2026-42498
Exposure of HTTP Authentication Header to unexpected hosts during WebSocket authentication vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.2 through 9.0.117, from 8.5.24 through 8.5.100, from 7.0.83 through...
CVE-2025-8283 Netavark: podman: netavark may resolve hostnames to unexpected hosts
A vulnerability was found in the netavark package, a network stack for containers used with Podman. Due to dns.podman search domain being removed, netavark may return external servers if a valid A/AAAA record is sent as a response. When creating a container with a given name, this name will be us...
Arbitrary Commands Execution Vulnerability in JP1/Base
Overview The JP1/Base contains a vulnerability where arbitrary commands may be executed when it receives request messages from unexpected hosts in the network. Impact Malicious users can exploit this vulnerability to execute arbitrary commands by sending request messages from an unexpected host...
Arbitrary Commands Execution Vulnerability in JP1/Automatic Job Management System 3 and JP1/Automatic Job Management System 2
Overview The JP1/Automatic Job Management System 3 and JP1/Automatic Job Management System 2 contain a vulnerability where arbitrary commands may be executed when they receive request messages from unexpected hosts in the network. Impact Malicious users can exploit this vulnerability to execute...